Does your small business really need cyber insurance?

If you’re a business owner, freelancer or consultant you probably think cyber insurance is an unnecessary expense. But, consider this…

Whether you realised it or not, cyber attacks have been happening for a long time. Ever since the internet was created, sophisticated hackers have found ways to attack the systems we now rely so heavily on every single day, all across the globe.

Although big companies are paying high salaries for experienced developers to prevent these attacks from occurring, cyber attacks are still increasing year on year. In fact, the tools at the hackers’ disposal are actually getting more powerful.

In 2017 alone, 230,000 new malware software was launched every day globally. And it’s not just big companies that are getting caught up in the mess, small businesses are too with 43% of SME’s being affected by cyber attacks in 2017.

According to research conducted by the Center for Strategic and International Studies, cybercrime is responsible for losses of £291bn annually.
Businesses are also having to deal with the knock-on effect of a cyber attack such as lost productivity. 2017’s WannaCry ransomware attack was estimated to have caused around $4bn in lost working hours.

In 2017, the average cost of a cyber attack for small businesses was around £250,000, and for bigger companies, the cost can be anywhere in the millions, the average around £4.2m according to NetDiligence.

How could a cyber attack affect your business?

Any business that uses technology at its core or handles employee or customer data digitally is at risk of a cyber attack. All it takes is a small breach in security and information can be leaked into the wrong hands. Not only could this be detrimental to your customers’ personal identity, but can seriously affect your business too.

If an attack were to occur, most businesses would have to immediately cease trading while they investigate the hack. This could significantly affect the businesses revenue. If a hack were to affect the business’ customers, for instance, if all of their personal data was targeted and exposed, the customers would, naturally, be disgruntled leaving the business with a bad reputation and a financial loss.

And it’s not just down to the business to fix the initial problems of an attack. Business owners will need to prevent the issue from occurring again in the future by implementing new security features and re-training staff – a cost that many companies do not factor into their annual spending.

There are also potential regulatory fines to pay. In May 2018, the new European Union’s General Data Protection Regulation (GDPR) comes into force and businesses could be fined up to 4% of their annual turnover or €20m, whichever is greater, if regulators think you haven’t protected customers’ personal data adequately.

Not many small businesses can survive a cyber attack, and many are forced to close or file for bankruptcy.

It’s important to point out that cyber insurance won’t prevent a cyber attack from happening, however, it could significantly reduce or even eliminate the financial strain on businesses should they suffer an attack.

Like all insurance policies, they all seem pointless until the time comes when they are desperately needed.